CN106060093B - Cloud platform development approach for mobile device - Google Patents
Cloud platform development approach for mobile device Download PDFInfo
- Publication number
- CN106060093B CN106060093B CN201610619697.XA CN201610619697A CN106060093B CN 106060093 B CN106060093 B CN 106060093B CN 201610619697 A CN201610619697 A CN 201610619697A CN 106060093 B CN106060093 B CN 106060093B
- Authority
- CN
- China
- Prior art keywords
- file
- cloud
- monitoring
- request
- mobile device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The present invention provides a kind of cloud platform development approaches for mobile device, this method comprises: carrying out legitimate verification to the cloud file of mobile device request, request of the isolation to the cloud file if authentication failed, and the cloud file is restored in background data base simultaneously.The invention proposes a kind of cloud platform development approaches for mobile device, have low consumption;High ease for use and scalability;It supports complicated cloud platform system, while protecting the biggish demand of the quantity of cloud platform.
Description
Technical field
The present invention relates to network security, in particular to a kind of cloud platform development approach for mobile device.
Background technique
With the high speed development of internet, establish portal website have become enterprise's outward service window and development mainly become
Gesture, still, for various reasons, the construction level of these cloud platforms is also irregular, to bring the peace of many network informations
Full problem.Various viruses are frequently broken out, hacker frequently attacks, spam is constantly invaded and harassed, and cloud intrusion event is extremely serious, peace
Constantly highlighting for full demand, brings development opportunity and prospect to the development of network security marketplace.However, relative to firewall,
The network security products such as antivirus software, the defence product based on cloud platform not yet spread to each mobile client.Traditional is hard
Part equipment safety product later maintenance fund is high, and is not easy to manage.
Summary of the invention
To solve the problems of above-mentioned prior art, the invention proposes a kind of cloud platforms for mobile device to open
Forwarding method, comprising:
Legitimate verification is carried out to the cloud file of mobile device request, isolation is to the cloud file if authentication failed
Request, and the cloud file is restored in background data base simultaneously.
Preferably, the cloud platform system of defense carries out legitimate verification to the cloud file that mobile device is requested, into one
Step includes:
When starting the real-time monitoring unit of cloud platform system of defense, by the configuration information of cloud file, digital signature value, text
Part characteristic value is read in caching, when mobile device accesses management server, real-time monitoring unit to the request of mobile device into
Row parsing is compared with the characteristic value of corresponding document in caching first after obtaining the cloud file of mobile device request, if
Current accessed is then directly isolated in authentication failed, while requesting reduction this document to monitoring server;It is carried out if being proved to be successful
It verifies in next step, positions the digital signature value of this document in the buffer, computations are carried out to this file if positioning successfully
And be compared with the digital signature value in caching, it goes in signature library to read the signature and more of corresponding document again if no-fix
It is new to be compared later to caching, if all no-fix successes in signature library, it is determined that this cloud file is suspicious cloud file, together
Shi Jinhang isolation access, and write in malicious modification record, it determines that cloud file is normal if equal, cloud file data is returned
Back to mobile device, determine that current accessed is isolated by malicious modification in file if unequal, while also to monitoring server request
This former cloud file.
Preferably, the described pair of cloud file is restored in background data base, further comprises: being sent out to monitoring server
Send alarm and reduction request;Check whether the reliability of reduction request, parameter are correct;Whether monitoring downloading file is in downloading queue
Middle presence checks whether the file for needing to download and local signature file are consistent, if file and signature be not identical to management end
The state for needing to download file is obtained, if getting this document state is that downloading file is increased to downloading team in downloading
In column, stop restoring operation;If from management end read less than download state or download state be idle when, sent out to management end
Return the request of original;Timing is monitored the file in downloading queue, and file to be restored is read out from list,
The request of monitoring file status is sent to management end, if request is this document also in downloading, skips the processing of this document;Such as
The file status that fruit reads is that downloading is completed, and whether monitoring this document and local signature file are consistent, if consistent under
It carries and is removed in queue, send the request of also original to management end if not identical;
When file is maliciously deleted, the real-time monitoring unit sends alarm to monitoring server, and circular document is deleted
Remove, request automatic reduction, by reduction request be verified after to management end send reduction request, after management end receives request
Monitoring server is sent the file to, file is updated;
The real-time monitoring unit timing sends heartbeat message to monitoring server, when monitoring server timing checks current
Between the difference of last time be compared with the time cycle for sending heartbeat message, if more than transmission heartbeat message when
Between the period, then send warning message notice management end real-time monitoring unit not running;
Management server includes timing scan configuration to the configuration of defence relevant parameter, and the starting time of timing scan is arranged
And the timing scan time interval period;Real-time monitoring degree of protection is set, is realized to cloud file, signature file and configuration text
The transmission and update of part receive the malicious modification record sent from monitoring server, by the original of backup when invading
File is sent to monitoring side and is updated;Monitoring server is used to receive the file from management server publication, and file is same
Step is updated to monitoring end application server;The result of timing scan is recorded, log recording in the text, is received from real
When monitoring unit monitoring information, and maintain a message queue;Monitor that file by after malicious modification, is sent out to monitoring server
Warning message is sent, monitoring server sends a message to management server, and starting scanning thread carries out the file in cloud platform
Timing scan.
The present invention compared with prior art, has the advantage that
The invention proposes a kind of cloud platform development approaches for mobile device, have low consumption;High ease for use and expansion
Malleability;It supports complicated cloud platform system, while protecting the biggish demand of the quantity of cloud platform.
Detailed description of the invention
Fig. 1 is the procedure chart of the cloud platform development approach according to an embodiment of the present invention for mobile device.
Specific embodiment
Retouching in detail to one or more embodiment of the invention is hereafter provided together with the attached drawing of the diagram principle of the invention
It states.The present invention is described in conjunction with such embodiment, but the present invention is not limited to any embodiments.The scope of the present invention is only by right
Claim limits, and the present invention covers many substitutions, modification and equivalent.Illustrate in the following description many details with
Just it provides a thorough understanding of the present invention.These details are provided for exemplary purposes, and without in these details
Some or all details can also realize the present invention according to claims.
An aspect of of the present present invention provides a kind of cloud platform development approach for mobile device.Fig. 1 is according to the present invention
The cloud platform development approach procedure chart for mobile device of embodiment.
The present invention is based on cloud platform systems of defense, can find intrusion behavior in time and can restore in time.Cloud platform defence
System carries out invading real-time isolation at the entrance that cloud platform accesses, and carries out in conjunction with file of the monitoring server to malicious modification
Reduction and the scanning that cloud platform is timed.System includes monitoring side and management end, and monitoring side is web cluster server,
It is deployed in outer net;Management end is monitoring server, is deployed in Intranet.
Memory is read on startup in file signature library by system, maintains common data in memory, and having new data
Memory is updated when needing to access.The feature of file is first compared before carrying out signature calculation and verifying, such as file is big
Small, file change time etc. is sized each file and carries out fragment calculating, to every using the file encryption of fragment
A cloud file adds timestamp, and is also then to add a time interval, the text monitored in preset frequency interval to each file
Part does not repeat to monitor, and cloud file is directly returned to mobile device.
The cloud platform system of defense is analyzed by the request to cloud platform mobile device, to the cloud of mobile device request
It holds file to carry out legitimate verification, is verified, cloud file is fed back into mobile device, institute is isolated if authentication failed
There is the request to the cloud file, and the cloud file is restored in background data base simultaneously;By certain setting, after
Platform thread can be scanned the file in management server every preset frequency, and discovery apocrypha then sounds an alarm, and remembers
Scanning result is recorded, administrator's processing is waited.
Functional unit in this system is described as follows:
File backup release unit: each cloud file is generated uniquely, no by HASH algorithm by file backup
Reversible digital signature, and backup file and its corresponding signature file are stored in management server, while by cloud file
Be distributed to monitoring side with signature file, using the legitimate verification as cloud file, in order to safely by the cloud file of backup and
Signature file is stored in monitoring server.
Real-time monitoring unit: pass through the verifying of management server to each cloud file of mobile device request.It is logical
Signature value compares in the digital document crossed in the value and management server of the digital signature calculating to cloud file, if two values
Equal, then cloud file verification is normal, and the cloud file that mobile device is requested is returned to mobile device;If two are worth not phase
Deng, it is determined that cloud file is suspicious, and the cloud file of request is not sent to mobile device, while managing monitoring server from trend
Send reduction cloud file request.
Timing scan unit: timing carries out scan round to the cloud file in management server in monitoring server,
And the cloud platform in management server is scanned at predetermined time intervals.
Result treatment unit: check that monitoring server sweeps management server cloud platform in management end monitoring server
Retouch result;It is operated it was found that apocrypha can be restored, deleted and be increased for legitimate files etc., is increased to legitimate files
Cloud file can back up it, and generate signature file;It can be managed and can check maliciously for legitimate files to increasing
Modification record.
Increase a defence unit in management server, and the access each time of mobile device is all verified.First
Using HASH algorithm to file generated digital signature, and file and signature are published to by management server by document distribution system
On, mobile device accesses the file in management server, and defence unit obtains mobile device solicited message, mobile device is requested
Cloud file by digital signature authentication, mobile device is returned to if being proved to be successful, if authentication failed immediately every
From, while backstage being notified to restore this cloud file.
In above process, the present invention combines document distribution system that each release tasks are all generated with one at random first
Value splices this on the head of the file stream of each reading when being digitally signed calculating to the All Files specifically issued
HASH calculating is carried out to this segment file stream again after section random value.Simultaneously by random value by the way of asymmetric encryption to this with
Machine value encrypt and random value is published to monitoring side.Pass through the decryption to random value when file is verified in monitoring side
Afterwards, the head for being spliced to file carries out HASH calculating and is verified.To file carry out fragment encryption by way of come
It solves, if subsequent fragment does not all need to be calculated, to server in n-th of fragment discovery file by malicious modification
On cloud platform carry out the setting of degree of protection, different grade is realized using the side for increasing different cloud platforms timestamp
Formula.In each monitoring if it find that the monitoring time of current this document and the upper time once monitored are in this timestamp scope
It is interior, then not file is verified, cloud file is directly fed back into mobile device.It is first right before carrying out HASH verifying to file
The characteristic attribute of file is verified.
The present invention realizes timing scan using two threads, and a thread is responsible for obtaining document queue, and a thread is responsible for
Verifying.Document queue can keep a upper limit, and when the upper limit more than setting, this can then enter suspend mode, guarantee that memory size is in this way
Certain.Timing scan can be scanned cloud platform by setting cycle period and circulation initial time, while can
It is scanned with selecting any catalogue.Corresponding record can all be had by scanning each time, mobile device can by management end come
Scanning result is handled, timing scan result can deletion, restore and enhance trust by way of handled.
Management server realizes the configuration to defence relevant parameter, including timing scan configuration, setting in defence configuration
The starting time and timing scan time interval period of timing scan;Real-time monitoring degree of protection is set, realization pair is also used to
The transmission and update of cloud file, signature file and configuration file receive the malicious modification note sent from monitoring server
Record, sends monitoring side for the original document of backup when invading and is updated;By the way that enhance trust can be right after timing scan
Apocrypha generates signature, is revised as legitimate files;The information that will be invaded every time, scanning result information, result treatment information is all
It is stored in database.
Monitoring server is used to receive the file from management server publication, and synchronously renewing file is applied to monitoring side
Server;The result of timing scan is recorded, log recording in the text, receives the monitoring letter from real-time monitoring unit
Breath, and maintain a message queue;Monitor that file by after malicious modification, sends warning message, monitoring clothes to monitoring server
Business device sends a message to management server.Scanning is timed to the file in cloud platform.In monitoring server starting, it is
System starting scanning thread, can then be scanned the cloud file on server when sweep time reaches.When discovery monitoring side prison
When survey unit is out of service, information request is sent to management end and opens defence unit.
Real-time monitoring unit is disposed on the management server, and timing scan unit is deployed in monitoring server.Monitoring side
Mobile device request is received, file is verified, timing cycle scanning sends invasion information and reduction request, while listening for
The heartbeat etc. of Real-time defence unit;Management end is on the defensive configuration to system, log management, and to timing scan result at
Reason.
System carries out carrying out safety backup to cloud file by file backup in management server and generates digital signature library.It is logical
It crosses management end and three kinds of defence grade settings, respectively highest level, optimal grade, the lowest class is carried out to cloud platform, according to cloud
Situations such as access of platform and attack frequency sets itself.Highest level does not add timestamp file, all carries out to each access
Verifying.Optimal grade increases timestamp to file, if the lowest class time interior file, which was verified, once will no longer test
Card, according to the starting time of the access situation sets itself timing scan of cloud platform, and can set by preset frequency interval to cloud
End file is scanned, and cloud file, configuration file and file signature library are published to monitoring clothes by management end file distributing
Business device.The monitoring being on the defensive simultaneously to the file of cloud platform is scanned by real-time monitoring and timing cycle after system starting.
Real time monitoring function is embedded into management server by real-time monitoring unit, is carried out with the data to disengaging server
Stringent control, and independent monitoring process is not present, this ensure that hacker can not terminate this monitoring unit, and sending out
The access of the reduction of invasion file and isolation invader can be timely carried out when existing intrusion behavior.
In real-time monitoring unit starting, real-time monitoring unit is by the configuration information of cloud file, digital signature value, file
The parameters such as characteristic value are read in caching.When mobile device accesses management server, real-time monitoring unit can be to mobile device
Request is parsed.After obtaining the cloud file of mobile device request, the characteristic value first with corresponding document in caching is compared
Compared with, if authentication failed directly be isolated current accessed, while to monitoring server request restore this cloud file.If verifying
It is successful then carry out next step verifying.Then the digital signature value for positioning this document in the buffer again, to this if positioning successfully
File carries out computations and is compared with the digital signature value in caching, goes in signature library to read phase again if no-fix
It answers the signature of file and is compared after updating to caching, if all no-fix successes in signature library, it is determined that this cloud file
It is suspicious cloud file, while carries out isolation access, and writes in malicious modification record.Cloud file is being determined just if equal
Often, cloud file data is returned into mobile device, determines that by malicious modification, current accessed is isolated, together in file if unequal
When to monitoring server request restore this cloud file.
Normal access process are as follows: when mobile device accesses cloud platform, management server receives mobile device request
Message, real-time monitoring unit obtain mobile device access request, the content of Location Request cloud file.By the text for defending unit
Part verification process is verified.If be proved to be successful, show that the cloud file is not invaded, real-time monitoring unit can pass through
Current access request, and request cloud file is returned into mobile device.
Wherein, file verification process includes obtaining mobile device access request, the content of Location Request cloud file.It is first
Whether the attribute value for first comparing file is equal.Determine file by malicious modification, authentication failed if unequal.It is checked if equal
It whether there is the digital signature of this file in caching.It then goes in signature library to search if it does not exist, if this is also not present in signature library
File signature, it is determined that this file is apocrypha, authentication failed.Then the signature of this file is updated in such as caching if it exists,
Then the digital signature for calculating accessed file is compared.If comparing inconsistent, it is determined that this file is modified, and verifying is lost
It loses.If comparing consistent, it is determined that this file is normal, is proved to be successful.
If content executes following procedure by malicious modification: if authentication failed, it is determined that the cloud file is maliciously repaired
Change, current accessed can be isolated in real-time monitoring unit, be simultaneously emitted by alarm, send request and restore this cloud file, while recording day
Will returns to miscue.
Wherein reduction process includes: that real-time monitoring unit returns to miscue, and cuts off this visit.Real-time monitoring unit
Alarm and reduction request are sent to monitoring server.Check whether the reliability of reduction request, parameter are correct.Monitoring downloading file
Whether exist in downloading queue, and if so, not needing to be downloaded restoring operation.Check the file for needing to download and this
Whether ground signature file is consistent, signs identical with file, does not need to be downloaded operation.If file and sign it is not identical to
Management end obtains the state for needing to download file, if getting this document state is that downloading file is increased in downloading
It downloads in queue, stops restoring operation.If from management end read less than download state or download state be idle when, Xiang Guan
Manage the request that end sends also original.Timing is monitored the file in downloading queue, reads out from list to be restored
File, to management end send monitoring file status request, if request be this document also in downloading, skip this document
Processing.If the file status read is that downloading is completed, whether monitoring this document and local signature file are consistent, if one
It causes then to remove from downloading queue, sends the request of also original to management end if not identical.
If file is deleted, real-time monitoring unit sends alarm to monitoring server, and circular document is deleted, and request is certainly
Dynamic reduction.By reduction request be verified after to management end send reduction request, management end receive request after file is sent out
It is sent to monitoring server, updates file.
If desired the catalogue or file enhanced trust are legitimate files, then increase this file or catalogue in white list management
Add as legitimate files.Management end sends message to monitoring server at this time, and the file in message is carried out signature calculation and is generated
Signature file.Legitimate files can be then confirmed to be when accessing this file again.
Real-time monitoring unit timing sends heartbeat message to monitoring server.Monitoring server timing is checked in current time
The difference of time is compared with the time cycle for sending heartbeat message, sends week time of heartbeat message if more than
Phase then sends warning message notice management end real-time monitoring unit not running.Management end is handled after receiving warning message.
Timing cycle scanning element starts two threads in monitoring server.One thread is responsible for carrying out listed files
Management, starts the management that a thread exclusively carries out document queue.A maximum value is set for document queue, when document queue is long
Then by this thread suspend mode when degree is equal to maximum value, the length of pending file queue is less than maximum value, then continues growing file column
Table.Another thread obtains file from document queue, the comparison of part characteristic value and digital signature value of composing a piece of writing of going forward side by side, when queue is long
When degree is 0, this process carries out suspend mode, and waiting list fills file.
Request to the HTTP of web server may further include authentication, purview certification, request verification, network address
The stages such as redirection, each stage call corresponding function to be handled.The character string of hexadecimal format is restored again
For original character string, the character of redundancy in URI is rejected.For the network address of request, Web server searches current configuration information
In whether have configuration for the network address., network address is written over, it can be when the storing path of demand file be changed
Time avoids the network address externally provided from being modified.If there is symbol connection in the paths, need to handle in resource impact.To
Mobile device end determines head response before sending response.
In conclusion there is low consumption the invention proposes a kind of cloud platform development approach for mobile device;Gao Yi
With property and scalability;It supports complicated cloud platform system, while protecting the biggish demand of the quantity of cloud platform.
Obviously, it should be appreciated by those skilled in the art, above-mentioned each unit of the invention or each steps can be with general
Computing system realize that they can be concentrated in single computing system, or be distributed in multiple computing systems and formed
Network on, optionally, they can be realized with the program code that computing system can be performed, it is thus possible to they are stored
It is executed within the storage system by computing system.In this way, the present invention is not limited to any specific hardware and softwares to combine.
It should be understood that above-mentioned specific embodiment of the invention is used only for exemplary illustration or explains of the invention
Principle, but not to limit the present invention.Therefore, that is done without departing from the spirit and scope of the present invention is any
Modification, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.In addition, appended claims purport of the present invention
Covering the whole variations fallen into attached claim scope and boundary or this range and the equivalent form on boundary and is repairing
Change example.
Claims (2)
1. a kind of cloud platform development approach for mobile device characterized by comprising
Legitimate verification is carried out to the cloud file of mobile device request, is isolated if authentication failed and the cloud file is asked
It asks, and the cloud file is restored in background data base simultaneously;
The cloud platform system of defense carries out legitimate verification to the cloud file that mobile device is requested, and further comprises:
It is when starting the real-time monitoring unit of cloud platform system of defense, the configuration information of cloud file, digital signature value, file is special
Value indicative is read in caching, and when mobile device accesses management server, real-time monitoring unit solves the request of mobile device
Analysis is compared with the characteristic value of corresponding document in caching first after obtaining the cloud file of mobile device request, if verifying
Current accessed is then directly isolated in failure, while requesting reduction this document to monitoring server;It is carried out if being proved to be successful next
Step card, in the buffer position this document digital signature value, if position successfully to this file progress computations and with
Digital signature value in caching is compared, and goes to read the signature of corresponding document in signature library again if no-fix and update is arrived
It being compared after caching, if all no-fix successes in signature library, it is determined that this cloud file is suspicious cloud file, while into
Row isolation access, and write in malicious modification record, it determines that cloud file is normal if equal, cloud file data is returned to
Mobile device determines that current accessed is isolated by malicious modification in file if unequal, while restoring this to monitoring server request
Cloud file.
2. the method according to claim 1, wherein the described pair of cloud file is gone back in background data base
Original further comprises: sending alarm and reduction request to monitoring server;Check the reliability of reduction request, whether just parameter
Really;Whether monitoring downloading file exists in downloading queue, checks whether the file for needing to download and local signature file are consistent,
If file and the not identical state for being obtained to management end and needing to download file of signing, if getting this document state is under
In load, downloading file is increased in downloading queue, restoring operation is stopped;If read from management end less than download state or
When download state is idle, the request of also original is sent to management end;Timing is monitored the file in downloading queue, from
File to be restored is read out in list, to management end send monitoring file status request, if request be this document also
In downloading, the processing of this document is skipped;If the file status read is that downloading is completed, monitoring this document and local signature
Whether file is consistent, removes from downloading queue if consistent, sends if not identical to management end and go back asking for original
It asks;
When file is maliciously deleted, the real-time monitoring unit sends alarm to monitoring server, and circular document is deleted, asks
Seek automatic reduction, by reduction request be verified after to management end send reduction request, management end receive request after will be literary
Part is sent to monitoring server, updates file;
The real-time monitoring unit timing sends heartbeat message to monitoring server, and monitoring server timing is checked in current time
The difference of time is compared with the time cycle for sending heartbeat message, sends week time of heartbeat message if more than
Phase then sends warning message notice management end real-time monitoring unit not running;
Management server to defence relevant parameter configuration include timing scan configuration, be arranged timing scan the starting time and
The timing scan time interval period;Real-time monitoring degree of protection is set, is realized to cloud file, signature file and configuration file
It sends and updates, the malicious modification record sent from monitoring server is received, by the original document of backup when invading
Monitoring side is sent to be updated;Monitoring server is used to receive the file from management server publication, more by file synchronization
It is new to arrive monitoring end application server;The result of timing scan is recorded, log recording in the text, is received from prison in real time
The monitoring information of unit is surveyed, and maintains a message queue;Monitor that file by after malicious modification, sends to monitoring server and reports
Alert information, monitoring server send a message to management server, and starting scanning thread is timed the file in cloud platform
Scanning.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610619697.XA CN106060093B (en) | 2016-07-29 | 2016-07-29 | Cloud platform development approach for mobile device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610619697.XA CN106060093B (en) | 2016-07-29 | 2016-07-29 | Cloud platform development approach for mobile device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106060093A CN106060093A (en) | 2016-10-26 |
CN106060093B true CN106060093B (en) | 2019-07-05 |
Family
ID=57196867
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610619697.XA Active CN106060093B (en) | 2016-07-29 | 2016-07-29 | Cloud platform development approach for mobile device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106060093B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107026841B (en) * | 2016-11-24 | 2021-07-30 | 创新先进技术有限公司 | Method and device for publishing works in network |
CN106815716B (en) * | 2016-12-31 | 2018-04-10 | 重庆傲雄在线信息技术有限公司 | A kind of electronic record file forming method and system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101377751A (en) * | 2007-08-30 | 2009-03-04 | 周宏建 | Method for protecting computer working document |
CN101540755A (en) * | 2008-03-18 | 2009-09-23 | 华为技术有限公司 | Method, system and device for recovering data |
CN103067522A (en) * | 2013-01-10 | 2013-04-24 | 东莞宇龙通信科技有限公司 | Data management method and system and mobile terminal based on cloud end server |
CN103577503A (en) * | 2012-08-10 | 2014-02-12 | 鸿富锦精密工业(深圳)有限公司 | Cloud file storage system and method |
CN105208115A (en) * | 2015-09-01 | 2015-12-30 | 南京伍安信息科技有限公司 | Network-based file separate storage and transmission management system and method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8676763B2 (en) * | 2011-02-08 | 2014-03-18 | International Business Machines Corporation | Remote data protection in a networked storage computing environment |
-
2016
- 2016-07-29 CN CN201610619697.XA patent/CN106060093B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101377751A (en) * | 2007-08-30 | 2009-03-04 | 周宏建 | Method for protecting computer working document |
CN101540755A (en) * | 2008-03-18 | 2009-09-23 | 华为技术有限公司 | Method, system and device for recovering data |
CN103577503A (en) * | 2012-08-10 | 2014-02-12 | 鸿富锦精密工业(深圳)有限公司 | Cloud file storage system and method |
CN103067522A (en) * | 2013-01-10 | 2013-04-24 | 东莞宇龙通信科技有限公司 | Data management method and system and mobile terminal based on cloud end server |
CN105208115A (en) * | 2015-09-01 | 2015-12-30 | 南京伍安信息科技有限公司 | Network-based file separate storage and transmission management system and method |
Non-Patent Citations (1)
Title |
---|
具有入侵容忍能力的数据库隔离与查询机制研究;李玲;《中国优秀硕士学位论文全文数据库 信息科技辑》;20150215;第6,31-33页 |
Also Published As
Publication number | Publication date |
---|---|
CN106060093A (en) | 2016-10-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7310817B2 (en) | Centrally managed malware scanning | |
US9467465B2 (en) | Systems and methods of risk based rules for application control | |
US6892303B2 (en) | Method and system for caching virus-free file certificates | |
US11153341B1 (en) | System and method for detecting malicious network content using virtual environment components | |
US6986051B2 (en) | Method and system for controlling and filtering files using a virus-free certificate | |
AU2019246773B2 (en) | Systems and methods of risk based rules for application control | |
JP5809084B2 (en) | Network security system and method | |
US8316442B2 (en) | Preventing secure data from leaving the network perimeter | |
US8874685B1 (en) | Compliance protocol and architecture | |
US20140201843A1 (en) | Systems and methods for identifying and reporting application and file vulnerabilities | |
US20100332593A1 (en) | Systems and methods for operating an anti-malware network on a cloud computing platform | |
US8060920B2 (en) | Generating and changing credentials of a service account | |
US9727424B2 (en) | System and method for maintaining server data integrity | |
CN113010911A (en) | Data access control method and device and computer readable storage medium | |
US20060064754A1 (en) | Distributed network security service | |
CN113572746B (en) | Data processing method, device, electronic equipment and storage medium | |
JP2012526501A (en) | Network contents tampering prevention equipment, method and system | |
CN105528543A (en) | Remote antivirus method, client, console and system | |
US6976271B1 (en) | Method and system for retrieving an anti-virus signature from one or a plurality of virus-free certificate authorities | |
CN106060093B (en) | Cloud platform development approach for mobile device | |
CN108229162A (en) | A kind of implementation method of cloud platform virtual machine completeness check | |
CN106060094B (en) | Cloud computing method for mobile client | |
CN106304067A (en) | High in the clouds data processing method for mobile Internet | |
Jain | Lateral movement detection using ELK stack | |
US20230418933A1 (en) | Systems and methods for folder and file sequestration |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20190531 Address after: Unit 701-002, 701 Zone, No. 88 Keyuan Road, China (Shanghai) Free Trade Pilot Area, Pudong New Area, Shanghai, 201203 Applicant after: Shanghai Legang Information Technology Co., Ltd. Address before: 610000 North Tianfu Avenue, Chengdu High-tech Zone, Sichuan Province, 1700, 1 building, 2 units, 18 floors, 1801 Applicant before: Chengdu light horse Network Technology Co. Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |